"Practical Packet Analysis: Using Wireshark to Solve Real World Problems" is a decent book for readers who are relatively new to networking. It makes a great addition for someone in the one-to-three year range of their career. Whether this career is security-centric, network administration, or simply as a hobbyist, Chris Sanders made great work of keeping things simple yet informative for his readers. While this is a plus for the entry person, it is also its minus for the seasoned pro.

The beginning of the book gives an overview of the OSI layer, which I have found many in the IT industry skimp on. Whether you are in networking, systems, programming or the security arena, understanding the interconnections of protocols and how they operate with one another across the layers should be the first and foremost knowledge one should memorize. Because Chris took the time and brought this out at the forefront, it will be beneficial to the reader, which once again I feel would be a junior administrator. Let’s get into some more details after the break.

While I'm higher in the career field than the book is designed for, I'll probably get a copy to read through. I feel like there are gaps in my Wireshark Fu. Which is funny considering what I've used it for in the past.

I also plan on getting the other book that Sil recommended. That's just a question of resources.

H1t M0nk3y wrote: Great work Sil. You made me feel what the book really had to offer. Thanks for your work!

I tried. It's not that I don't think the book is good, I just feel most of the stuff covered was a little bit basic and perhaps could have flowed better. I even went as far as giving it a re-read but my attention span didn't allow me to go through it all again I think in mid-long term goals. With that said, I believe most if not any coming on this forum would appreciate something worthy for the long haul, my option would be skip it and go to the better book. May be difficult to swallow, but worth more effort and would yield better knowledge in the long run.

So I'm using my Safari account to read this. Going through the table of contents, I think the chapter on Wireshark fundamentals, subsection on packet colors would make this book worth it by itself. I always have a problem remembering what the colors mean (some I never learned). So I might be able to use the book to build a good cheat sheet.